...
camel-spring-security component can take the authentication token which is set by Spring Security or other security framework, and check authentication token with the access information which is configured by SpringSecurityAuthorizationPolicy.
SpringSecurityAuthorizationPolicy will check the message header with "CamelAuthentication" and turned the security subject into the spring authentication token, you can specify your customer authenticationAdapter by configure this policy. If there is no security subject in the message header, and the policy's attribute "useThreadSecurityContext" is true, the policy will use SecurityContextHolder.getContext().getAuthentication() to get the authentication token.
If the authentication token is authorized, the camel exchange will be passed to the next processor, otherwise CamelAuthorizationException will be thrown with the exchange.
...
Attribut | Type | Description |
---|---|---|
| String | The bean id which is common used for the bean which is managed by Spring |
| String | The access policy that you want to use authorization |
| String | The id of the authentication manager which is used for reauthentication within the SpringSecurityAuthorizationPolicy. If you don't specify it, SpringSecurityAuthorizationPolicy will set it value with "authenticationManager" |
| String | The id of the access decision manager which is used for checking the access attribute with authentication token. If you don't specify it, SpringSecurityAuthorizationPolicy will set it value with "accessDecisionManager" |
| String | New to Camel 2.4, The id of AuthenticationAdapter that SpringSecurityAuthorizationPolicy uses to turn a security subject into Spring authentication token |
| String boolean | SpringSecurityAuthorizationPolicy will try to get the authentication token from exchangemessage header with the key "CamelAuthentication", if it can't get it and the this attribute is true, it will try to get authentication from SecurityContextHolder (the thread local context). The default value of this attribute is true. |
| String boolean | If this attribute is true, SpringSecurityAuthorizationPolicy will aways reauthenticate the authentication token. The default value of this attribute is false. |
...